- Checks the OS is macOS. Bails otherwise.
- Resolves the bundled
mxkeyscript (at<repo-dir>/mxkey). - Makes it executable (the tarball unpack may drop the
+xbit). - Checks if
mxkeyis already on PATH. If so, exits without changes. - Ensures
~/.local/bin/exists; creates it if not. - Creates a symlink:
~/.local/bin/mxkey→<repo-dir>/mxkey. - Verifies
~/.local/bin/is on PATH. Prints aPATHfix snippet if not. - Runs
mxkey listas a sanity check.
The script is idempotent — safe to re-run any time.
When the skill updates (e.g. you git pull the repo), the script at
<repo-dir>/mxkey gets replaced. The symlink in ~/.local/bin/ automatically
points at the new version — no re-setup needed.
A copy would require re-running setup after every skill update to pick up changes.
which mxkey # should print ~/.local/bin/mxkey
ls -la ~/.local/bin/mxkey # should show the symlink target
mxkey list # should print "(no secrets stored)" on a fresh installJust delete the symlink. Skill data and Keychain entries are not affected:
rm ~/.local/bin/mxkeyTo also wipe all stored secrets:
# Remove the on-disk index
rm -rf ~/.config/mxkey
# Remove the Keychain entries (nuclear option — affects ALL mxkey secrets)
security dump-keychain login.keychain-db 2>/dev/null \
| grep -oE 'mxkey\.[^"]+' \
| sort -u \
| while read -r svc; do
security delete-generic-password -s "$svc" >/dev/null 2>&1 || true
doneIf ~/.local/bin/ isn't on PATH, add this to the top of your shell rc:
export PATH="$HOME/.local/bin:$PATH"- zsh users:
~/.zshrc - bash users:
~/.bashrc(or~/.bash_profilefor login shells on macOS) - fish users:
set -U fish_user_paths $HOME/.local/bin $fish_user_paths
Then reload: source ~/.zshrc (or equivalent).